oauth-client-credentials.http
@tokenUrl = https://auth.example.com/oauth/token
@clientId = replace-with-client-id
@clientSecret = replace-with-client-secret
@scope = api.read
### Request an OAuth access token with client credentials
POST {{tokenUrl}}
Accept: application/json
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&client_id={{clientId}}&client_secret={{clientSecret}}&scope={{scope}}
Variables to replace
- tokenUrl
- The authorization server's token endpoint.
- clientId
- The registered OAuth client ID.
- clientSecret
- The client secret; keep the real value in a git-ignored environment.
- scope
- The space-delimited permissions requested by the client.
Expected response
A successful token endpoint normally returns 200 OK JSON containing access_token, token_type, and expires_in. Copy the access_token manually into the next request or your active environment.
Karve does not chain response fields into later requests. Copy the returned access token manually.
Related examples and guides
Learn the full syntax in the .http file format guide, manage secrets with variables and environments, or see how to run .http files on Windows.
Run this request without leaving Windows.
Karve opens .http files as a native workspace: edit the plain text, press Run, inspect the response, and keep the file in Git.
15-day free trial · No account · No subscription · No metered requests
25% off until Sep 1